IT Blog

Uncategorized

Aruba Switch 802.1X and MAC Authentication Configuration

The commands to be written for Aruba Switch 802.1X and MAC Authentication configuration are listed according to scenarios. You must enter the values ​​that are suitable for you in the places marked in red.

User Authentication
        radius-server host “Radius server ip address” key “Password” (We enter the ip and secret password of the Radius server that will control)
        aaa authentication port-access eap-radius
        aaa accounting network start-stop radius
        aaa port-access authenticator active
        aaa port-access authenticator “Port or Port Range” (The port or range of ports to be authenticated. For example 1-24)
        aaa port-access authenticator”Port or Port Range” unauth-vid X (Vlan to assign users who cannot authenticate. For example; unauth-vid 10)
        aaa port-access authenticator “Port or Port Range” client-limit X (If more than one user will come from the port to be authenticated, we need to specify For example, 1-24 client-limit 2)
        aaa port-access authenticator “Port or Port Range” control auto

MAC Authentication
        radius-server host “Radius server ip address” key “Password” (We enter the ip and secret password of the Radius server that will control)
        aaa authentication port-access eap-radius
        aaa accounting network start-stop radius
        aaa port-access authenticator active
        aaa port-access mac-based “Port or Port Range”   (For example, 1-24)
        aaa port-access mac-based “Port or Port Range ” unauth-vid X (Vlan to assign users who cannot authenticate. For example; unauth-vid 10)
        aaa port-access mac-based ” Port or Port Range ” addr-limit X (If more than one MAC will come from the port to be authenticated, we need to specify. ; 1-24 client-limit 2)

User Authentication and MAC Authentication are required at the same time on a port, and the following command is entered. The important point here is that the limit number in the port to be checked is at least two. After entering the command, we can write the same port against aaa port-access authenticator and aaa port-access mac-based. This command is frequently used in computers operating over ip phones to control two devices.
        aaa port-access X mixed (port or range of ports on which MAC and Authentication will be applied. For example 1-24)

Leave a Reply

Your email address will not be published. Required fields are marked *